堆栈内存溢出
  简体   繁体   English

使用表单中的多个字段搜索MySQL数据库

[英]Search MySQL Database with Multiple Fields in a Form

 原文  2012-02-16 19:31:17       php

问题描述

I have created a form where the user can search the database, and the result depends on how the user fills out the form. 我创建了一个用户可以搜索数据库的表单,结果取决于用户填写表单的方式。
For example, say I have name, address, city, state, and zip field, and the user fills out name and city fields, the results reflect the input. 例如,假设我有姓名,地址,城市,州和邮政编码字段,并且用户填写姓名和城市字段,结果反映了输入。 When the form submits all records are displayed. 当表单提交所有记录时都会显示。 for this I write this: 对此,我写这个: 

if(isset($_POST['submit'])) {
        $sql = mysql_query("SELECT * FROM table WHERE name LIKE '%" . $_POST['name'] . "%'
                   OR address LIKE '%" . $_POST['address'] . "%'
                   OR city LIKE '%" . $_POST['city'] . "%'
                   OR state LIKE '%" . $_POST['state'] . "%'
                   OR zip LIKE '%" . $_POST['zip'] . "%'");
    }


        <form method="post" action="<?php $_SERVER['PHP_SELF']; ?>">
            <tr>
                <td>Name:</td>
                <td><input type="text" name="name" /></td>
            </tr>
            <tr>
                <td>Address:</td>
                <td><input type="text" name="address" /></td>
            </tr>
            <tr>
                <td>City:</td>
                <td><input type="text" name="city" /></td>
            </tr>
            <tr>
                <td>State:</td>
                <td><input type="text" name="state" /></td>
            </tr>
            <tr>
                <td>Zip:</td>
                <td><input type="text" name="zip" /></td>
            </tr>
            <tr>
                <td>&nbsp;</td>
                <td><input type="submit" name="submit" value="Search" /></td>
            </tr>
        </form>
    </table>

    <?php
        if(isset($_POST['submit'])) {
            while($row = mysql_fetch_array($sql)) {
                echo $row['name'] . "<br />";
            }
        }   
    ?>

But in this case a user may leave a field blank. 但在这种情况下,用户可能会将字段留空。

1 个解决方案

解决方案1
 12 已采纳  2012-02-16 19:39:22

Try this: 试试这个: 

if(isset($_POST['submit'])) {
    // define the list of fields
    $fields = array('name', 'address', 'city', 'state', 'zip');
    $conditions = array();

    // loop through the defined fields
    foreach($fields as $field){
        // if the field is set and not empty
        if(isset($_POST[$field]) && $_POST[$field] != '') {
            // create a new condition while escaping the value inputed by the user (SQL Injection)
            $conditions[] = "`$field` LIKE '%" . mysql_real_escape_string($_POST[$field]) . "%'";
        }
    }

    // builds the query
    $query = "SELECT * FROM TABLE ";
    // if there are conditions defined
    if(count($conditions) > 0) {
        // append the conditions
        $query .= "WHERE " . implode (' AND ', $conditions); // you can change to 'OR', but I suggest to apply the filters cumulative
    }

    $result = mysql_query($query);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用表单中的多个字段搜索 MySQL - Search MySQL with Multiple Fields in a Form 使用PDO MySQL进行分页搜索多个表单字段 - Pagination with PDO MySQL Search Multiple Form Fields 使用php多字段搜索MySQL数据库 - Multiple Fields search MySQL database using php 如何使用多个字段中的表单数据搜索MySQL数据库 - How to search a MySQL database using data from a form using Multiple fields 搜索多个字段MySQL - Search multiple fields MySQL 使用php表单更新mysql数据库的多个字段 - Update multiple fields of a mysql database using a php form 如何创建多个动态表单字段并插入到mysql数据库中 - How to create multiple dynamic form fields and insert in mysql database 多个数据库字段的搜索表单 - A search form for multiple db fields 具有多个选择字段的搜索表单 - search form with multiple select fields 如何在不使用mysql_real_escape_string的情况下创建多个jquery表单字段并插入到mysql数据库中 - How to create multiple jquery form fields and insert in mysql database, without using mysql_real_escape_string
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM